Encrypt Nuxeo password in database

SMAH_Haider
Star Contributor

We are using Nuxeo 5.6-RC2. We are connecting via the Oracle template. We have also customized Nuxeo to use our customized pre-made users instead of the default Nuxeo users.

Now, the username and password Administrator and Administrator are placed in the MY_CUSTOMIZED_USERS table, and obviously they are not encrypted. In the production environment, users have access to the database and they can see the Administrator password.

Is there any way we can customize Nuxeo to have our login passwords in the database encrypted?

1 ACCEPTED ANSWER

Wojciech_Sulejm
Star Contributor

Only the initial Administrator password, that is the word "Administrator", is not encrypted as the assumption was made that it needs to be reset anyway to make it secure. The moment you change the Administrator password, it does get encrypted.

Please make a test and change your Administrator password and then query the users table to see if that indeed is the case.

4 REPLIES

Thanks Wojciech, I changed the password and, as you said, it got encrypted in the database. But as we have made our custom users by making our own user directory.

Florent_Guillau
World-Class Innovator

If <passwordHashAlgorithm>SSHA</passwordHashAlgorithm> is in the config then Nuxeo will encrypt any password it writes, but will still be able to read unencrypted ones.

If you populate the password database using an external system, then you'll have to do the encryption yourself. You can see how SSHA is implemented by reading the code at https://github.com/nuxeo/nuxeo-services/blob/master/nuxeo-platform-directory/nuxeo-platform-director...
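
What doing the hashing yourself can look like in an external provisioning script, as an added example that is not part of the reply above and is not Nuxeo's code. It assumes the common LDAP-style layout, `{SSHA}` followed by base64(SHA-1(password + salt) + salt) with an 8-byte salt, which should be confirmed against the Nuxeo source linked above; the function names and sample rows are hypothetical.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

PREFIX = "{SSHA}"   # assumption: LDAP-style scheme marker in front of the hash
SALT_LEN = 8        # assumption: 8-byte salt; confirm against the Nuxeo code
SHA1_LEN = 20       # SHA-1 digest size in bytes


def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Return PREFIX + base64(SHA1(password || salt) || salt)."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # fresh random salt per password
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return PREFIX + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, stored: str) -> bool:
    """Check a candidate password against a stored SSHA value."""
    if not stored.startswith(PREFIX):
        return False  # plaintext or another scheme: not handled here
    try:
        raw = base64.b64decode(stored[len(PREFIX):], validate=True)
    except ValueError:
        return False  # malformed base64
    if len(raw) <= SHA1_LEN:
        return False  # no salt appended, so not a valid SSHA value
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    expected = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)  # constant-time compare


def migrate_rows(rows):
    """Hash values that are still plaintext; leave already-hashed ones alone.

    A plaintext password that itself begins with the prefix would be
    misread as hashed, so check for that case before a real migration.
    """
    return [(user, pw if pw.startswith(PREFIX) else ssha_hash(pw))
            for user, pw in rows]


if __name__ == "__main__":
    # Constructed sample rows standing in for a custom users table.
    sample = [("Administrator", "Administrator"), ("jdoe", ssha_hash("s3cret"))]
    for user, value in migrate_rows(sample):
        print(user, value)
```

SSHA is a salted hash, not reversible encryption, so a stored value can only be checked against a candidate password and never decrypted.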

Perfect. Thanks Florent.